summaryrefslogtreecommitdiffstats
path: root/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java
diff options
context:
space:
mode:
Diffstat (limited to 'node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java')
-rw-r--r--node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java16
1 files changed, 4 insertions, 12 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java
index 007e361ee55..b07ee37209c 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/SslConnectionSocketFactoryUpdater.java
@@ -3,6 +3,7 @@ package com.yahoo.vespa.hosted.node.admin.configserver;
import com.yahoo.vespa.athenz.api.AthenzIdentity;
import com.yahoo.vespa.athenz.api.AthenzService;
+import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
import com.yahoo.vespa.athenz.identity.SiaIdentityProvider;
import com.yahoo.vespa.athenz.tls.AthenzIdentityVerifier;
import com.yahoo.vespa.athenz.tls.SslContextBuilder;
@@ -41,18 +42,9 @@ public class SslConnectionSocketFactoryUpdater implements AutoCloseable {
* @throws RuntimeException if e.g. key store options have been specified, but was unable
* create a create a key store with a valid certificate
*/
- public static SslConnectionSocketFactoryUpdater createAndRefreshKeyStoreIfNeeded(ConfigServerInfo configServerInfo) {
- SiaIdentityProvider siaIdentityProvider = configServerInfo.getSiaConfig()
- .map(siaConfig ->
- new SiaIdentityProvider(
- (AthenzService) AthenzIdentities.from(siaConfig.hostIdentityName()),
- Paths.get(siaConfig.credentialsPath()),
- new File(siaConfig.trustStoreFile())))
- .orElse(null);
- HostnameVerifier configServerHostnameVerifier = configServerInfo.getSiaConfig()
- .map(siaConfig -> createHostnameVerifier(AthenzIdentities.from(siaConfig.configserverIdentityName())))
- .orElseGet(SSLConnectionSocketFactory::getDefaultHostnameVerifier);
- return new SslConnectionSocketFactoryUpdater(siaIdentityProvider, configServerHostnameVerifier);
+ public static SslConnectionSocketFactoryUpdater createAndRefreshKeyStoreIfNeeded(SiaIdentityProvider identityProvider,
+ AthenzIdentity configserverIdentity) {
+ return new SslConnectionSocketFactoryUpdater(identityProvider, createHostnameVerifier(configserverIdentity));
}
SslConnectionSocketFactoryUpdater(SiaIdentityProvider siaIdentityProvider,